<?php
session_start();
define('IN_WADMIN', true);
require_once '../include/common.php';
require_once './aconn.php';
$title="后台管理";
include ('../include/head.php');

// Nav entry for the admin area: "管理中心" once an admin name is in the session,
// "后台登陆" otherwise. Both variants link to index.php.
if (isset($_SESSION['w_adminname'])) {
	$li = '<li role="presentation"><a href="index.php">管理中心</a></li>';
} else {
	$li = '<li role="presentation"><a href="index.php">后台登陆</a></li>';
}

// Page header: home link, the entry chosen above, the logout link and the page title.
echo '<div class="header">
        <ul class="nav nav-pills pull-right" role="tablist">
          <li role="presentation" class="active"><a href="../index.php">首页</a></li>
          ', $li, '
          <li role="presentation"><a href="index.php?action=logout">退出</a></li>
        </ul>
        <h3 class="text-muted" align="left">用户管理</h3>
      </div><hr>';
if(isset($_SESSION['w_adminname'])&&isset($_SESSION['w_adminid'])){
	$w_adminid=userid($_SESSION['w_adminname'],$key,$w_adminpwd);
	if($_SESSION['w_adminid']==$w_adminid){
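		// "list" view: show every account in w_user with recharge / delete / detail links.
		if (isset($_GET['do']) && $_GET['do'] == "list") {
			// Usernames are stored user data, so every value is HTML-escaped before it is echoed.
			// NOTE(review): assumes the pages are served as UTF-8 — confirm in head.php.
			$h = function ($s) {
				return htmlspecialchars((string)$s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
			};

			$lsql = "SELECT `id`, `username`, `vip` FROM `w_user`";
			$lsth = $db->query($lsql);
			// Treat a failed query as an empty list instead of calling fetchAll() on a non-object.
			$list = $lsth ? $lsth->fetchAll() : array();
			$list_num = count($list);
			$tr = '';
			if ($list_num != 0) {
				// The row counter lives in $row_no, not $key: $key is the value handed to userid()
				// in the admin check above, and the original loop overwrote it.
				foreach ($list as $idx => $value) {
					$row_no = $idx + 1;
					$vip = ($value['vip'] != 0) ? ' style="color: rgb(255, 255, 0);"' : '';
					// http_build_query() URL-encodes id/username; the result is then HTML-escaped
					// because it is placed inside an href attribute.
					$args = array('id' => $value['id'], 'user' => $value['username']);
					$cz_url = $h('user.php?' . http_build_query(array('do' => 'cz') + $args, '', '&'));
					$del_url = $h('user.php?' . http_build_query(array('do' => 'del') + $args, '', '&'));
					$zl_url = $h('user.php?' . http_build_query(array('do' => 'zl') + $args, '', '&'));
					// NOTE(review): the delete link is a plain GET link; the "del" handler should
					// require POST plus an anti-CSRF token before this link is relied on.
					$tr .= '<tr>
							<td><span class="label label-warning">'.$row_no.'</span></td>
							<td><button type="button" class="btn btn-primary btn-xs">
								<span class="glyphicon glyphicon-user"'.$vip.'></span> '.$h($value['username']).'</button>
							</td>
							<td><a href="'.$cz_url.'"><span class="label label-info">充值</span></a> <a href="'.$del_url.'"><span class="label label-danger">删除</span></a> <a href="'.$zl_url.'"> <span class="label label-primary">详细</span></a></td>
						</tr>';
				}
			} else {
				$tr = '<tr>
					<td colspan="3">
						<div align="center" color="red">
						 还没有用户！
						</div>
					</td>
				</tr>';
			}
			echo '<table class="table table-bordered">
	<thead>
		<tr>
			<th>#<span class="label label-danger">'.$list_num.'</span></th>
			<th>用户</th>
			<th>操作</th>
		</tr>
	</thead>
	<tbody>
	'.$tr.'
	</tbody>
	</table>';
		}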
		
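		// "cz" view: recharge form (no POST body) and the handler that credits w_user.rmb (POST 'm').
		if (isset($_GET['do']) && $_GET['do'] == "cz") {
			// NOTE(review): assumes the pages are served as UTF-8 — confirm in head.php.
			$h = function ($s) {
				return htmlspecialchars((string)$s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
			};
			$id = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
			$user = (isset($_GET['user']) && is_string($_GET['user'])) ? $_GET['user'] : '';
			// Both URLs carry request values, so they are URL-encoded and then HTML-escaped.
			$zl_url = $h('user.php?' . http_build_query(array('do' => 'zl', 'id' => $id, 'user' => $user), '', '&'));
			$cz_url = $h('user.php?' . http_build_query(array('do' => 'cz', 'id' => $id, 'user' => $user), '', '&'));

			if (isset($_POST['m'])) {
				$m = is_string($_POST['m']) ? trim($_POST['m']) : '';
				// The original placed $m into "rmb=rmb+{$m}" without quotes, where slash-escaping
				// cannot constrain it. Accept only a plain decimal amount and a numeric id.
				if (!preg_match('/^\d+$/D', $id) || !preg_match('/^-?\d+(\.\d+)?$/D', $m)) {
					echo '参数错误！<a href="'.$zl_url.'">点击这里返回</a>';
				} else {
					$time = time();
					// Values are bound instead of interpolated.
					// NOTE(review): assumes $db is a PDO handle (the query()/exec()/fetchAll() calls in
					// this file match that API) — confirm in aconn.php.
					$upd = $db->prepare("UPDATE `w_user` SET `rmb`=rmb+? WHERE id=?");
					$do = ($upd && $upd->execute(array($m, $id))) ? $upd->rowCount() : 0;
					$zt = $do ? '成功' : '失败';

					// Every attempt is recorded in w_cz together with its outcome.
					// NOTE(review): the `user` column is filled from the URL, not from the w_user
					// row that `id` selects, so the two can disagree.
					$log = $db->prepare("INSERT INTO `w_cz`(`user_id`, `user`, `time`, `rmb`, `zt`) VALUES (?,?,?,?,?)");
					if ($log) {
						$log->execute(array($id, $user, $time, $m, $zt));
					}
					echo '充值'.$zt.'！3秒后...<br />若无法跳转请<a href="'.$zl_url.'">点击这里进入</a><meta http-equiv="refresh" content="3;url='.$zl_url.'">';
				}
			} else {
				// NOTE(review): the form carries no anti-CSRF token; a balance change should be
				// tied to a per-session token that the handler verifies.
				echo '
			<h3 class="form-signin-heading">为'.$h($user).'充值</h3>
			<form action="'.$cz_url.'" class="form-sign" method="post">
			充值金额<br><input type="text" class="form-control" name="m" value=""><br>
			<input type="submit" class="btn btn-primary btn-block" name="submit" value="提交">
			</form>';
			}
		}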
		
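		// "del" view: delete the w_user row that matches both the id and the username from the URL.
		if (isset($_GET['do']) && $_GET['do'] == "del") {
			// NOTE(review): assumes the pages are served as UTF-8 — confirm in head.php.
			$h = function ($s) {
				return htmlspecialchars((string)$s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
			};
			$id = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
			$user = (isset($_GET['user']) && is_string($_GET['user'])) ? $_GET['user'] : '';

			// NOTE(review): the deletion runs on a plain GET request with no anti-CSRF token, so any
			// page the admin's browser loads can trigger it. Move it to POST with a per-session
			// token; the links that lead here must change at the same time.

			// Values are bound instead of interpolated.
			// NOTE(review): assumes $db is a PDO handle — confirm in aconn.php.
			$sth = $db->prepare("DELETE FROM `w_user` WHERE id=? AND username=?");
			$do = ($sth && $sth->execute(array($id, $user))) ? $sth->rowCount() : 0;

			// $user comes from the request and is escaped before being echoed back.
			if ($do) {
				echo '删除'.$h($user).'成功！3秒后...<br />若无法跳转请<a href="user.php?do=list">点击这里进入</a><meta http-equiv="refresh" content="3;url=user.php?do=list">';
			} else {
				echo '删除'.$h($user).'失败！3秒后...<br />若无法跳转请<a href="user.php?do=list">点击这里进入</a><meta http-equiv="refresh" content="3;url=user.php?do=list">';
			}
		}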
		
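		// "zl" view: show the full w_user record that matches the id and username from the URL.
		if (isset($_GET['do']) && $_GET['do'] == "zl") {
			// Profile fields are stored user data, so each one is HTML-escaped before output.
			// NOTE(review): assumes the pages are served as UTF-8 — confirm in head.php.
			$h = function ($s) {
				return htmlspecialchars((string)$s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
			};
			$id = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
			$user = (isset($_GET['user']) && is_string($_GET['user'])) ? $_GET['user'] : '';

			// Values are bound instead of interpolated.
			// NOTE(review): assumes $db is a PDO handle — confirm in aconn.php.
			$sth = $db->prepare("SELECT * FROM `w_user` WHERE id=? AND username=?");
			$list = ($sth && $sth->execute(array($id, $user))) ? $sth->fetch() : false;

			// Branch on the fetched row. The original tested the statement object, so a lookup
			// that matched no row still rendered an empty table instead of the failure notice.
			if ($list) {
				$vip = ($list['vip'] != 0) ? ' style="color: rgb(255, 255, 0);"' : '';
				echo '<table class="table table-bordered">
	<thead>
		<tr>
			<th>#</th>
			<th>用户名</th>
			<th>资料</th>
		</tr>
	</thead>
	<tbody>
	<tr>
		<td><span class="label label-warning">'.$h($list['id']).'</span></td>
		<td><button type="button" class="btn btn-primary btn-xs">
			<span class="glyphicon glyphicon-user"'.$vip.'></span> '.$h($list['username']).'</button>
		</td>
		<td>
		<ul class="list-group">
			<li class="list-group-item">邮箱:'.$h($list['email']).'</li>
			<li class="list-group-item">ＱＱ:'.$h($list['qq']).'</li>
			<li class="list-group-item">电话:'.$h($list['tel']).'</li>
			<li class="list-group-item">注册时间:'.time_data($list['regtime']).'</li>
			<li class="list-group-item">余额:'.$h($list['rmb']).'元</li>
			<li class="list-group-item">会员:'.$h($list['vip']).'个月</li>
			<li class="list-group-item">注册IP:'.$h($list['ip']).'</li>
		</ul>
		</td>
	</tr>
	</tbody>
	</table>';
			} else {
				echo '获取'.$h($user).'资料失败！3秒后...<br />若无法跳转请<a href="user.php?do=list">点击这里进入</a><meta http-equiv="refresh" content="3;url=user.php?do=list">';
			}
		}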
		
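		// "czlist" view: list every recharge record in w_cz.
		// The action name is a quoted string here; the original compared against the bare word
		// czlist, which PHP resolves as an undefined constant.
		if (isset($_GET['do']) && $_GET['do'] == "czlist") {
			// The `user` column is filled from request data by the recharge handler, so every
			// cell is HTML-escaped before output.
			// NOTE(review): assumes the pages are served as UTF-8 — confirm in head.php.
			$h = function ($s) {
				return htmlspecialchars((string)$s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
			};

			$sql = "SELECT * FROM `w_cz`";
			$do = $db->query($sql);
			// Treat a failed query as "no data" instead of calling fetchAll() on a non-object.
			$list = $do ? $do->fetchAll() : array();
			$tr = '';
			if ($list) {
				foreach ($list as $value) {
					// Bootstrap label colour: green for a successful recharge, red otherwise.
					$zt = ($value['zt'] == '成功') ? "success" : "danger";
					$tr .= '<tr>
							<td><span class="label label-warning">'.$h($value['id']).'</span></td>
							<td><span class="label label-success">'.$h($value['user_id']).'</span></td>
							<td><span class="label label-info">'.$h($value['user']).'</span></td>
							<td><span class="label label-primary">'.time_data($value['time']).'</span></td>
							<td><span class="label label-danger">'.$h($value['rmb']).'</span></td>
							<td><span class="label label-'.$zt.'">'.$h($value['zt']).'</span></td>
						</tr>';
				}
			} else {
				$tr = '<tr>
					<td colspan="6">
						<div align="center" color="red">
						 还没有数据！
						</div>
					</td>
				</tr>';
			}
			echo '<table class="table table-bordered">
	<thead>
		<tr>
			<th>#</th>
			<th>用户ID</th>
			<th>用户名</th>
			<th>时间</th>
			<th>金额</th>
			<th>状态</th>
		</tr>
	</thead>
	<tbody>
	'.$tr.'
	</tbody>
	</table>';
		}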
		
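		// "cont" view: edit the four text files under ../cron/content/ (yl, sgyl, shyl, sj).
		if (isset($_GET['do']) && $_GET['do'] == "cont") {
			// NOTE(review): assumes the pages are served as UTF-8 — confirm in head.php.
			$h = function ($s) {
				return htmlspecialchars((string)$s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
			};
			// The file names are fixed; only the contents come from the request.
			$names = array('yl', 'sgyl', 'shyl', 'sj');

			if (isset($_POST['yl']) && isset($_POST['sj'])) {
				// NOTE(review): the form carries no anti-CSRF token; add a per-session token check
				// before writing.
				foreach ($names as $name) {
					// A field that is missing or not a string is written as empty text.
					$text = (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
					// file_put_contents() returns the byte count, which is 0 for empty text; only a
					// strict false means the write failed. The original "or die" aborted on 0 too.
					if (file_put_contents('../cron/content/'.$name.'.txt', $text) === false) {
						die('修改出错!');
					}
				}
				echo "修改成功！";
			} else {
				$yl = file_get_contents('../cron/content/yl.txt');
				$sgyl = file_get_contents('../cron/content/sgyl.txt');
				$shyl = file_get_contents('../cron/content/shyl.txt');
				$sj = file_get_contents('../cron/content/sj.txt');
				// File contents are escaped so that stored markup cannot close the textarea; the
				// browser submits the unescaped text, so a save round-trips unchanged.
				echo '<h3 class="form-signin-heading">文本修改</h3>
		<form action="user.php?do=cont" class="form-sign" method="post">
		<label for="name">语录:</label><br>
		<textarea class="form-control" name="yl" rows="4">'.$h($yl).'</textarea><br>
		<label for="name">伤感语录:</label><br>
		<textarea class="form-control" name="sgyl" rows="4">'.$h($sgyl).'</textarea><br>
		<label for="name">社会语录:</label><br>
		<textarea class="form-control" name="shyl" rows="4">'.$h($shyl).'</textarea><br>
		<label for="name">随机:</label><br>
		<textarea class="form-control" name="sj" rows="4">'.$h($sj).'</textarea><br>
		<input type="submit" class="btn btn-primary btn-block" name="submit" value="修改">
		</form>';
			}
		}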
		
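		// "cimg" view: upload one image into ../cron/image/ under an optional category prefix.
		if (isset($_GET['do']) && $_GET['do'] == "cimg") {
			// NOTE(review): assumes the pages are served as UTF-8 — confirm in head.php.
			$h = function ($s) {
				return htmlspecialchars((string)$s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
			};

			if (isset($_POST['submit'])) {
				// The prefix and the file name are client-controlled and become part of the path
				// on disk, so both are validated before any filesystem call.
				$prefixes = array('', 'mm_', 'dm_', 'sg_'); // the radio values of the form below
				$tp = (isset($_POST['tp']) && is_string($_POST['tp'])) ? $_POST['tp'] : '';
				$file = (isset($_FILES['file']) && is_array($_FILES['file'])) ? $_FILES['file'] : null;
				$name = ($file && isset($file['name']) && is_string($file['name'])) ? $file['name'] : '';

				// Accepted name: one stem without dots, slashes, backslashes or control bytes, then
				// exactly one image extension. This keeps the file inside the image directory and
				// rules out script or double extensions.
				$name_ok = preg_match('/^[^.\/\\\\\x00-\x1f]+\.(jpe?g|png|gif)$/iD', $name) === 1;

				if (!in_array($tp, $prefixes, true)
					|| !$file
					|| !isset($file['error']) || $file['error'] !== UPLOAD_ERR_OK
					|| !$name_ok
					// getimagesize() only inspects the file header. The image directory should
					// additionally be configured so the web server never executes files in it.
					|| getimagesize($file['tmp_name']) === false
				) {
					echo "上传失败：文件无效！<br /><a href='user.php?do=cimg'>点击返回</a>";
				} else {
					$target = "../cron/image/" . $tp . $name;
					if (file_exists($target)) {
						echo $h($tp.$name) . "该图片已存在 <a href='user.php?do=cimg'>点击返回</a>";
					} elseif (move_uploaded_file($file["tmp_name"], $target)) {
						echo $h($tp.$name)."上传成功！<br />大小：". ($file["size"] / 1024) . " Kb<br /><a href='user.php?do=cimg'>点击返回</a>";
					} else {
						// The original reported success without checking the result of the move.
						echo "上传失败！<br /><a href='user.php?do=cimg'>点击返回</a>";
					}
				}
			} else {
				// NOTE(review): the form carries no anti-CSRF token.
				echo '<h3 class="form-signin-heading">图片上传</h3>
		<form action="user.php?do=cimg" class="form-sign" method="post" enctype="multipart/form-data">
		<label class="checkbox-inline">
		<input type="radio" name="tp" value="" checked> 随机
		</label>
		<label class="checkbox-inline">
		<input type="radio" name="tp" value="mm_"> 美女
		</label>
		<label class="checkbox-inline">
		<input type="radio" name="tp" value="dm_"> 动漫
		</label>
		<label class="checkbox-inline">
		<input type="radio" name="tp" value="sg_"> 伤感
		</label><br>
		<input type="file" class="form-control" name="file" id="file" /> <br>
		<input type="submit" class="btn btn-primary btn-block" name="submit" value="上传">
		</form>';
			}
		}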
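		// "jh" view: generate an activation code on POST, then list the codes with zt='0' and,
		// struck through, the codes with zt='1', each list with its own pager (p1 / p2).
		if (isset($_GET['do']) && $_GET['do'] == "jh") {
			// NOTE(review): assumes the pages are served as UTF-8 — confirm in head.php.
			$h = function ($s) {
				return htmlspecialchars((string)$s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
			};

			if (!empty($_POST["submit"])) {
				$lth = 20; // activation code length
				$chars = 'abcdefghijlkmnpqrstuvwxyz0123456789ABCDEFGHIJKLMNPQRSTUVWXYZ';
				// The highest valid index is strlen - 1. The original drew from 0..strlen, so a draw
				// could fall past the end and yield a code shorter than $lth.
				$max = strlen($chars) - 1;
				$str = '';
				for ($i = 0; $i < $lth; $i++) {
					// Activation codes must be unpredictable: use the CSPRNG where it exists.
					// mt_rand() stays only as a fallback for runtimes without random_int().
					$pick = function_exists('random_int') ? random_int(0, $max) : mt_rand(0, $max);
					$str .= $chars[$pick];
				}

				// $str consists only of characters from $chars, so it is safe inside the literal.
				$sql = "INSERT INTO `w_jh`(`key`) VALUES ('{$str}')";
				$d = $db->exec($sql);
				if ($d) {
					echo "生成成功！";
				} else {
					echo "生成失败！";
				}
			}
			// NOTE(review): the form carries no anti-CSRF token.
			echo '<form action="user.php?do=jh" class="form-horizontal" method="post" enctype="multipart/form-data">
		<input type="submit" class="btn btn-primary btn-block" name="submit" value="生成激活码">
</form><hr>';

			$pagesize = 2;
			// One entry per list: the zt value it filters on, its page parameter, the opening <li>
			// tag and the markup that closes the list. All four are fixed strings.
			$views = array(
				array('zt' => '0', 'param' => 'p1', 'li' => '<li>', 'tail' => '</ol><hr>'),
				array('zt' => '1', 'param' => 'p2', 'li' => '<li style="text-decoration:line-through; color: #C36">', 'tail' => '</ol>'),
			);
			foreach ($views as $view) {
				// The page number comes from the URL: force it to an integer >= 1 so the LIMIT
				// offset can never be negative or fractional (either one made the query fail).
				$page = isset($_GET[$view['param']]) ? (int)$_GET[$view['param']] : 1;
				if ($page < 1) {
					$page = 1;
				}
				$offset = ($page - 1) * $pagesize;

				$sql = "SELECT `key` FROM `w_jh` WHERE zt='{$view['zt']}' LIMIT  $offset , $pagesize";
				$do = $db->query($sql);
				// Treat a failed query as an empty page instead of calling fetchAll() on a non-object.
				$list = $do ? $do->fetchAll() : array();
				echo '<ol style="padding:0 20px;">';
				foreach ($list as $value) {
					echo $view['li'].$h($value['key']).'</li>';
				}

				// Total number of codes in this state, for the pager.
				// NOTE(review): rowCount() on a SELECT is driver-dependent; SELECT COUNT(*) is the
				// portable way to get this number.
				$z_sql = "SELECT `key` FROM `w_jh` WHERE zt='{$view['zt']}'";
				$z_sth = $db->query($z_sql);
				$z_num = $z_sth ? $z_sth->rowCount() : 0;
				echo '共'.$z_num.'条';

				// Print a link for every page except the current one, which is shown in brackets.
				$pagenum = ceil($z_num / $pagesize);
				if ($pagenum > 1) {
					for ($i = 1; $i <= $pagenum; $i++) {
						if ($i == $page) {
							echo ' [', $i, ']';
						} else {
							echo ' <a href="user.php?do=jh&', $view['param'], '=', $i, '">', $i, '</a>';
						}
					}
				}
				echo $view['tail'];
			}
		}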
		
		
		// No "do" parameter in the URL: print the error notice, which sends the browser back to
		// index.php after three seconds.
		if (isset($_GET['do']) === false) {
			$notice = '访问出错!<br />3秒后自动跳转...<br />若无法跳转请<a href="index.php">点击这里进入</a><meta http-equiv="refresh" content="3;url=index.php">';
			echo $notice;
		}
	}else{
		echo '非法访问!<br />3秒后自动跳转...<br />若无法跳转请<a href="index.php">点击这里进入</a><meta http-equiv="refresh" content="3;url=index.php">';
	}
	
}else{
	echo '非法访问!<br />3秒后自动跳转...<br />若无法跳转请<a href="index.php">点击这里进入</a><meta http-equiv="refresh" content="3;url=index.php">';
}

include ('../include/foot.php');